BACKGROUND OF THE INVENTION
The present invention is directed toward the field of remotely controlling the actions of a host computer system using a local telephone connection, particularly in initiating a script of commands which cause the host computer system to connect to the Internet for subsequent access by a remotely located user.
Recently, there has been a proliferation of computer systems that are connected to the Internet, the global information network. Most of the services available on the Internet are provided by large organizations, such as government, universities, and large corporations. These institutions have the capital and resources to spend on high-powered server computers with corresponding dedicated links to the Internet. These dedicated links range in bandwidth from 56 KB for an ISDN (Integrated Services Digital Network) line to 1.5 MB for a full T1 line. Such links are typically dedicated connections to an Internet Service Provider (“ISP”), where the ISP then provides a physical connection to the Internet. For small companies and individual users desirous of setting up a server to provide services, such as a World-Wide-Web (“Web”) server, or an FTP (File Transfer Protocol) server, the cost of leasing and maintaining a dedicated connection to an ISP is prohibitive. Without a dedicated connection to the Internet, there is no means of providing on-demand access to remote users who want to take advantage of the services provided by the server.
Previous systems for controlling a host computer system over a telephone connection include (1) remote power-up and (2) remote access. The remote power-up systems include a circuit which detects a telephone call and applies power to the host computer. According to these prior art systems a telephone ring detector and power switch are interposed between the power outlet and the remote computer system to be activated. When a telephone call is detected on the phone line connected to the ring detector, the power switch is activated and the host computer's power supply is connected to the power outlet.
Previous remote access systems permit a remotely located computer system to gain access to a host system through an authorization device, and thereafter to control the actions of the host system. According to these types of systems, a user at a remote location from the host computer system gains access over a telephone connection between the two computers. Each computer includes a modem for communication over the phone line. In order to selectively permit access to certain users, but deny access to others, these remote access systems require the use of special hardware on both ends of the telephone connection, wherein the special hardware is an access control device connected between the respective computer and modem on each end of the connection. The hardware devices perform authorization handshaking using special codes, and if the codes match, the hardware devices permit access to the modem resources connected to the two computers. After the hardware devices have performed the authorization handshaking, the user of the local system then accesses the host system and controls its operations directly, as though he were located at the host system.
Another prior art system combines the teachings of the remote access systems and the remote power-up systems by providing a remote power-up device that is triggered by a phone call, and which “boots” a computer system and causes an access control program stored in the “boot drive” to be activated. Like the other remote access systems, this system assumes that the control of the host system is to be carried out by a local computer. The host system is controlled only after the access software permits access to the local user by first answering the telephone call and then establishing a logical connection between the modem of the host system and that of the local computer.
In yet another prior art system, a predetermined program stored at a host computer system is triggered using a telephone ring signal originating from a remote user, wherein the host system includes a ring detection and triggering circuit connected to a phone line for detecting a ring signal on the line. A trigger signal at the host system indicates that a ring signal has been detected. The host system receives the trigger signal and executes an activation script of commands that create a connection between the host system and the Internet. In an alternate configuration of this system, the remote user does not have to make a telephone call to trigger the host system to connect to the Internet, but instead sends data packets over a network, such as a Web Server, as if communicating to a host system that has a dedicated link. These data packets are then detected by the Internet Service Provider's (ISP) server computer at which the host computer has an account set up, and the server computer determines whether the host system is connected to the Internet. If the host system is not connected, the ISP rings a phone line connected to the host system, thereby triggering a connection to the Internet. To the remote user it would appear that the host computer system has a dedicated link.
SUMMARY OF THE INVENTION
The present invention overcomes the problem of having to lease and support a dedicated connection to the Internet, and meets the needs noted above by providing a system and method for remotely initiating a stored script of commands that cause the host system to connect to the Internet. Using the present invention, a host computer system can be accessed by a remote user, for communications over the Internet, without incurring constant connect charges of a dedicated link to an Internet Service Provider at the host computer system or long distance telephone charges for initiating the host computer system. Also, a small company or individual can achieve the benefits of having their own Internet server computer without the expense and complexity of a dedicated link to an Internet Service Provider.
According to the present invention, a system and method are provided for initiating an activation script of commands that create a connection between the host computer system and the Internet. More specifically, a user at a remote computer system initiates a request over the Internet to an intermediary computer system, e.g., an ISP server computer, associated with a host system for a remote connection thereto. The intermediary computer system is geographically located in the local telephone calling area of the host computer system and has a continuous connection to the Internet. The host computer system has an account set up at the intermediary computer system, whereby it knows the host computer system's identification and any optional service parameters. The intermediary computer system initiates an asynchronous call to the host computer system via modem to transmit the request. The host computer system receives this request to connect to the Internet from the intermediary computer system. This request contains the remote requestor's identity for the purposes of feedback. Authentication of the remote requestor is performed and the host computer system acknowledges the request. The host computer system then disconnects from the intermediary computer system and dials an ISP for connection to the Internet. If the remote requestor is not authenticated then the host computer system disconnects from the intermediary system and does not connect to the Internet. The host computer system communicates over the Internet with the remote computer system to establish the identity feedback. If identity feedback is verified, then the remote computer system can begin normal TCP/IP based communications with the host computer system.
An advantage of the present invention is that it enables a remote user to gain access to a host computer system without having to pay for long distance telephone charges associated with a direct connection, since the remote user can cause the host computer system to connect to the Internet, and the remote user can then access the services of the host computer system over the Internet. No long distance telephone link is required, and since the Internet is a global network, a remote user could be anywhere in the world, and could gain secure access to the host computer system without having to pay for a very expensive long distance telephone call.
BRIEF DESCRIPTION OF THE DRAWINGS
Referring now to the drawings wherein like elements are numbered alike in the several Figures:
FIG. 1 is a block diagram of a system according to the present invention;
FIG. 2 is a block diagram of an Internet Service Provider (ISP) site that is used as the intermediary computer system; and
FIG. 3 is a flow chart of the steps carried out by the ISP of FIG. 2.
DETAILED DESCRIPTION OF THE DRAWINGS
Referring now to FIG. 1, a block diagram of a system according to the present invention is generally shown. A host computer system 10, such as a workstation or mainframe computer system, and which preferably is operating a multi-tasking operating system, such as IBM's OS/390, resides at a first geographic location designated ‘A’. The host computer system includes memory for storing a variety of applications, including an access control program 12 and an activation script 14. The access control program 12 can be a background executing application that monitors an interface port of the host computer system 10 or can be an application that is executed in response to communications received from the interface port. The execution of this access control program 12 results, after certain criteria are met, in the activation script 14 being executed. The activation script 14 when executed initiates a connection between the host computer system 10 and the Internet 16. The activation script 14 can be any sequence of commands which cause the host computer system 10 to make a connection to the Internet 16; such command sequences are well known in the art of data communications. In the preferred embodiment, the activation script 14 creates a connection between the host computer system 10 and the Internet 16, using an internal communications device (not shown) connected to the host computer system 10. The internal communications device could be another analog modem, or could be an ISDN digital communications device, and is connected over a phone line to an ISP, so as to create a connection to the Internet. Connection between the host computer system and the Internet 16 is typically provided through an Internet Service Provider (ISP), which is preferably a server computer with a modem pool, and which provides dial-in and dedicated access to its customers in order to make a connection to the Internet 16.
A remote computer system 20, such as a portable personal computer, which has access to the Internet 16 via telephone lines (or otherwise) is located at a second remote geographic location designated ‘B’. The remote computer system 20 initiates a request (transmits a data packet) over the Internet 16 to be received at an intermediary computer system 22, e.g., the aforementioned ISP server computer, which is associated with the host computer system 10, when the remote computer system 20 desires to communicate with the host computer system 10. The remote computer system 20 would include in its data packets transmitted over the Internet 16 the identity of the remote requestor, information to establish authentication (e.g., a secret software key or code, or data encryption), the request of the remote requestor for the host computer system 10 to connect to the Internet 16 and an IP address for communicating with the remote requestor.
The intermediary computer system 22 is geographically located in the local telephone calling area of the host computer system 10 and has a continuous connection to the Internet, as mentioned above. This request over the Internet 16 is referred to herein as ‘in-band’. The host computer system 10 has an account set up at the intermediary computer system 22, whereby it knows the host computer system's identification and any optional service parameters. The intermediary computer system 22 initiates an asynchronous call over telephone lines (or otherwise) to the host computer system 10 via a modem. Once this asynchronous connection between the intermediary computer system 22 and the host computer system 10 is established (direct connections between computer systems via a modem and the like being well known), data packets are transmitted to the host computer system 10, such communication being referred to herein as ‘out of band’.
The intermediary computer system 22 may perform an authentication check of the identity of the remote requestor. In this way the intermediary computer system 22 would only forward requests from an approved remote requestor; this is easily accomplished by comparing the identity of the remote requestor to an access list. This authentication check may also utilize a secret software key or code, or data encryption, for verifying the authority of the remote user to access the host computer system. The intermediary computer system 22 would include in its data packets transmitted ‘out of band’ to the host computer system 10 the identity of the intermediary computer system 22 (as more than one could be associated with the host computer system 10), the identity of the remote requestor, the request of the remote requestor for the host computer system 10 to connect to the Internet 16, an IP address for communicating with the remote requestor, and information (e.g., a secret software key or code, or data encryption) to establish authentication of the intermediary computer system 22. The remote requestor's identity is subsequently used for the purposes of feedback, which is an important feature of the present invention. The host computer system 10 authenticates and acknowledges the request from the intermediary computer system 22 and then disconnects from the intermediary computer system 22. The access control program 12 performs authentication of the remote requestor's identity with reference to an access list. The request may also include a secret software key or code, or data encryption, for use in authenticating the authority of the remote user to access the host computer system. The activation script 14 is executed causing the host computer system 10 to dial its ISP and perform a login, as is well known.
If the remote requestor was not authenticated then the access control program 12 causes the host computer system 10 to disconnect from the intermediary computer system 22 and the host computer system 10 does not proceed with execution of the activation script 14 for connection to the Internet 16. Once logged in, the host computer system 10 connects ‘in-band’ (over the Internet 16) to the remote computer system 20, via the IP address provided in the request, to establish the aforementioned identity feedback. More specifically, the access control program 12 verifies the identity of the remote requestor with reference to an access list and the identity as provided by the intermediary computer system 22 in the earlier ‘out of band’ communication, based on the identity as now provided by the remote requestor. The remote requestor may also be required to provide a secret software key or code, or use data encryption, in verifying its identity to the host computer system. If identity feedback is verified, then the remote computer system can begin normal TCP/IP based communications with the host computer system over the Internet 16. The host computer system 10 will disconnect from the Internet 16 after a specified amount of idle time.
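The host-side checks described above (authenticate the intermediary's ‘out of band’ request, check the access list, then verify identity feedback ‘in-band’ against the identity named out of band) can be sketched as follows. This is an added example, not code from the patent: HMAC-SHA256 stands in for the unspecified “secret software key or code”, the single-use nonce challenge is an assumption, and every name, key and address is constructed for illustration.

```python
import hashlib
import hmac
import json
import secrets

# Constructed sample data: shared keys and the host's access list.
INTERMEDIARY_KEYS = {"isp-1": b"constructed-isp-key"}
REQUESTOR_KEYS = {"alice": b"constructed-alice-key", "bob": b"constructed-bob-key"}
ACCESS_LIST = {"alice", "bob"}


def _mac(key, fields):
    """HMAC-SHA256 over a canonical JSON encoding of the fields (assumed scheme)."""
    msg = json.dumps(fields, sort_keys=True).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def _same(a, b):
    """Constant-time comparison of two values as strings."""
    return hmac.compare_digest(str(a).encode(), str(b).encode())


def make_oob_request(intermediary, requestor, reply_ip, key):
    """Packet the intermediary sends over the modem link (out of band)."""
    fields = {"intermediary": intermediary, "requestor": requestor,
              "request": "connect", "reply_ip": reply_ip}
    return dict(fields, mac=_mac(key, fields))


def feedback_proof(key, requestor, nonce):
    """Remote requestor's answer to the host's in-band challenge."""
    return _mac(key, {"requestor": requestor, "nonce": nonce})


class AccessControl:
    """Hypothetical stand-in for the access control program 12 on the host."""

    def __init__(self):
        self.pending = None  # identity and reply IP learned out of band
        self.nonce = None

    def handle_oob(self, req):
        """True means: hang up, then run the activation script."""
        self.pending = self.nonce = None
        key = INTERMEDIARY_KEYS.get(req.get("intermediary"))
        fields = {k: v for k, v in req.items() if k != "mac"}
        if key is None or not _same(_mac(key, fields), req.get("mac", "")):
            return False  # intermediary not authenticated
        if req.get("requestor") not in ACCESS_LIST:
            return False  # requestor not on the access list: stay offline
        self.pending = {"requestor": req["requestor"], "reply_ip": req.get("reply_ip")}
        return True

    def start_feedback(self):
        """After dialing the ISP: where to connect in band, plus a fresh nonce."""
        self.nonce = secrets.token_hex(16)
        return self.pending["reply_ip"], self.nonce

    def verify_feedback(self, claimed, proof):
        """Accept only the identity already named in the out-of-band call."""
        if self.pending is None or self.nonce is None:
            return False
        nonce, self.nonce = self.nonce, None  # a challenge is usable once
        key = REQUESTOR_KEYS.get(claimed)
        return (key is not None
                and claimed in ACCESS_LIST
                and claimed == self.pending["requestor"]
                and _same(feedback_proof(key, claimed, nonce), proof))
```

Binding the in-band identity to the one recorded out of band means a different, otherwise valid user on the access list cannot ride on a connection that was requested for someone else.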
Referring now to FIG. 2, in a preferred embodiment of the invention the intermediary computer system 22 comprises an ISP server which includes a network connection, or pipe 24, to the Internet 16 over which a multitude of data packets are being transmitted. Each data packet contains routing information, such as an IP address of the intermediary system 22 or some other unique destination information that server computers connected across the network use to direct and route the packet. The data packets transmitted from the remote computer system 20 over the Internet 16 would also include the identity of the remote requestor, the request of the remote requestor for the host computer system 10 to connect to the Internet 16 and an IP address for communicating with the remote requestor.
The ISP server system includes a number of software and database components, a server computer, and a pool of modems. The ISP server computer is connected to the Internet via the network pipe 24, which could be a dedicated connection, such as a T1 or T3 high bandwidth telephone connection.
The ISP server includes an access detector program 26, which is a software module that constantly monitors the destination information of data packets transmitted over the network pipe 24, and extracts the destination address information which corresponds to those serviced by that ISP. The information extracted by the access detector program 26 is routed to a collection module 28 which is a software module that collects and stores the destination information of detected packets. This information is then routed to a raw access log 30 where it is stored and time stamped so that the ISP server system knows when access to a customer's host computer system 10 has been requested.
In addition to the raw access log 30, the ISP server includes an organized database 32, which stores a variety of information such as which ISP customers have paid for the remote accessing service and an access list of authorized remote users, how many access requests for a particular customer have been logged into the raw access log, how many requests for remote connection have been forwarded to the customer ‘out of band’, billing information, etc.
The information stored in the raw access log 30 and the organized database 32 is used by a database decision module 34 to determine whether to forward ‘out of band’ a request received ‘in band’ from a remote requestor requesting the host computer system 10 to connect to the Internet. The database decision module 34 examines the request including performing an authentication check (as described above) of the remote requestor based on the access list stored in the organized database 32. If access is authorized the database decision module extracts a phone number of the host computer system 10 for an ‘out of band’ communication. The ISP server computer then dials the phone number associated with the customer's host computer system 10, using one of the modems in the server modem pool 36 and a dialer module 38, thus connecting with the host computer system ‘out of band’ for communicating the request, as described hereinbefore.
Referring now to FIG. 3, a flow chart of the steps carried out at the ISP intermediary computer system is provided. In step 40, a remote user 42 transmits data packets with the request information embedded in the packets over the Internet 16. These packets are routed by various other computer systems (not shown) and ultimately are directed to the ISP server. At step 44, the ISP server detects the destination information corresponding to a request to access the host computer system. The ISP server collects this information and routes it to the raw access log in step 46. Following the update to the raw access log, the database decision module then determines, in step 48, whether the requestor is authorized (authenticated). If the remote requestor is not authenticated, then in step 50 the ISP server takes no additional action. If the remote requestor is authenticated, then in step 52 the ISP server executes a “ping” function. The “ping” function is used to determine whether a particular system is presently connected to the Internet. This function is well known in the art of digital communications, particularly communications between computers via a network such as the Internet. If the “ping” command yields a positive result, then the requested host system is presently connected to the Internet, and the ISP server first updates the organized database 32 to reflect the request for services 54 and the request data is transmitted (routed) ‘in-band’ to the host computer system. If the “ping” command indicates that the requested host system is not presently connected to the Internet, then the ISP server makes a telephone call 56 to the host computer system ‘out of band’ using a modem 58. After the ISP server dials the phone number of the host computer system, the request data is transmitted (routed) ‘out of band’ to the host computer system.
If the host computer system is not available, then the ISP server will redial until the host computer system makes a connection, or until some maximum number of redials is attempted. This request (the data packets transmitted ‘in band’ or ‘out of band’) will cause the host system computer to execute the script that will create a connection to the Internet.
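The FIG. 3 decision flow at the ISP, including the bounded redial, can be modelled as below. This is an added example, not code from the patent: the record layout, the counters, the return values and the `ping` and `dial` callables are assumptions, and the customer record and phone number are constructed.

```python
from datetime import datetime, timezone


def new_db():
    """Constructed stand-in for one customer record in the organized database 32."""
    return {"host-a": {"access_list": {"alice"}, "phone": "555-0100",
                       "in_band": 0, "out_of_band": 0}}


def handle_request(packet, db, raw_log, ping, dial, max_redials=3):
    """Run steps 44-58 for one detected packet.

    Returns (outcome, dial_attempts); outcome is 'no-action', 'in-band',
    'out-of-band' or 'unreachable'.
    """
    # Steps 44-46: every detected request is time stamped and logged
    # before any authorization decision, so denied requests leave a record.
    raw_log.append({"when": datetime.now(timezone.utc).isoformat(),
                    "host": packet["host"], "requestor": packet["requestor"]})
    # Step 48: access list check by the database decision module.
    account = db.get(packet["host"])
    if account is None or packet["requestor"] not in account["access_list"]:
        return ("no-action", 0)  # step 50
    # Step 52: is the host already connected to the Internet?
    if ping(packet["host"]):
        account["in_band"] += 1  # step 54: record, then route in-band
        return ("in-band", 0)
    # Steps 56-58: one call plus at most max_redials redials.
    attempts = 0
    while attempts <= max_redials:
        attempts += 1
        if dial(account["phone"], packet):
            account["out_of_band"] += 1
            return ("out-of-band", attempts)
    return ("unreachable", attempts)


def busy_then_answer(busy_calls):
    """Constructed dialer: the host's line is busy for the first busy_calls attempts."""
    state = {"calls": 0}

    def dial(phone, packet):
        state["calls"] += 1
        return state["calls"] > busy_calls

    return dial
```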
The present invention can be embodied in the form of computer-implemented processes and apparatuses for practicing those processes. The present invention can also be embodied in the form of computer program code containing instructions embodied in tangible media, such as floppy diskettes, CD-ROMs, hard drives, or any other computer-readable storage medium, wherein, when the computer program code is loaded into and executed by a computer, the computer becomes an apparatus for practicing the invention. The present invention can also be embodied in the form of computer program code, for example, whether stored in a storage medium, loaded into and/or executed by a computer, or transmitted over some transmission medium, such as over electrical wiring or cabling, through fiber optics, or via electromagnetic radiation, wherein, when the computer program code is loaded into and executed by a computer, the computer becomes an apparatus for practicing the invention. When implemented on a general-purpose microprocessor, the computer program code segments configure the microprocessor to create specific logic circuits.
While the invention has been described with reference to a preferred embodiment, it will be understood by those skilled in the art that various changes may be made and equivalents may be substituted for elements thereof without departing from the scope of the invention. In addition, many modifications may be made to adapt a particular situation or material to the teachings of the invention without departing from the essential scope thereof. Therefore, it is intended that the invention not be limited to the particular embodiment disclosed as the best mode contemplated for carrying out this invention, but that the invention will include all embodiments falling within the scope of the appended claims.